Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft
File:                     sTSesOfbZTbKeYKWH_rJsykWXF8.mft (raw, json)
Hash identifier:          QIYW7lrFYTcO257lgFppLf0Csi+TmiKIpADzdqjUm7U=
Subject key identifier:   63:AA:5A:93:E5:8D:54:7B:2C:7A:FC:10:42:55:58:52:A5:9A:71:00
Authority key identifier: B1:34:9E:B0:E7:DB:65:36:CA:79:82:96:1F:FA:C9:B3:29:16:5C:5F
Certificate issuer:       /CN=b1349eb0e7db6536ca7982961ffac9b329165c5f
Certificate serial:       019D288423192E56FB82E929A869AF0489AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft
Manifest number:          053B
Signing time:             Thu 26 Mar 2026 05:00:41 +0000
Manifest this update:     Thu 26 Mar 2026 05:00:41 +0000
Manifest next update:     Fri 27 Mar 2026 05:00:41 +0000
Files and hashes:         1: sTSesOfbZTbKeYKWH_rJsykWXF8.crl (hash: 0AKem+ZsCBCYTXmozkDlV9DLMy9X1FS+TffjUv7jUhA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:23:19:2e:56:fb:82:e9:29:a8:69:af:04:89:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1349eb0e7db6536ca7982961ffac9b329165c5f
        Validity
            Not Before: Mar 26 05:00:41 2026 GMT
            Not After : Mar 27 05:00:41 2026 GMT
        Subject: CN=63aa5a93e58d547b2c7afc1042555852a59a7100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:49:86:97:82:72:f8:ff:b0:25:f5:55:95:ba:
                    87:b0:dc:94:d8:e4:2f:4d:8a:2a:41:10:e8:6f:40:
                    36:f4:db:a7:55:44:39:e8:15:5f:37:e8:4b:51:23:
                    d8:ac:d4:5a:3a:91:3f:94:f6:7c:4a:52:3e:b0:78:
                    fb:76:76:98:b3:8e:92:e0:d5:ed:9c:6f:31:48:1b:
                    e1:74:72:cc:b3:f7:86:49:34:ac:26:7e:16:15:20:
                    60:f3:ee:11:26:40:6d:41:f6:90:31:2d:68:6d:44:
                    88:9e:07:22:9e:af:8d:d1:e1:e0:f0:61:63:06:f8:
                    64:64:e3:ac:9d:58:d1:bd:d7:7c:6a:b5:8a:fd:42:
                    88:21:b2:60:87:51:9e:87:8b:19:e4:b3:56:3d:0b:
                    0e:99:43:1b:61:a3:30:3c:f7:bf:b6:4c:4a:05:68:
                    44:ee:6c:41:d6:46:e8:65:60:04:33:99:e4:aa:fb:
                    45:b4:eb:ba:f2:73:bd:fb:8a:13:43:f6:93:9c:7c:
                    50:e3:44:c4:ee:a4:67:6a:da:4d:f3:c1:57:27:a6:
                    5a:dc:86:96:88:9c:0f:f6:23:a3:7a:f0:5e:f7:5b:
                    df:f3:da:5c:56:a8:80:65:39:ad:10:f4:3c:5a:0e:
                    dd:b5:fa:d9:8f:df:bb:9f:2b:5f:b8:73:19:77:80:
                    48:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:AA:5A:93:E5:8D:54:7B:2C:7A:FC:10:42:55:58:52:A5:9A:71:00
            X509v3 Authority Key Identifier:
                keyid:B1:34:9E:B0:E7:DB:65:36:CA:79:82:96:1F:FA:C9:B3:29:16:5C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         db:24:6a:60:86:83:7e:eb:a2:18:43:8a:57:b6:2e:4e:27:b5:
         34:6b:92:ce:d4:6e:82:7a:15:4e:ae:34:5f:68:2c:21:5c:81:
         45:20:f2:0f:c4:82:98:9e:27:af:32:cb:63:8d:ce:5e:df:54:
         05:27:75:f3:3b:48:99:39:57:34:e9:c9:dc:07:bf:8a:c6:3d:
         44:85:6a:c2:a3:cb:ca:4a:9a:f7:bb:2a:b5:f6:22:14:3a:10:
         30:eb:9b:25:d3:0e:bd:20:20:a4:83:c9:95:81:5e:ef:f4:5c:
         8f:17:b3:c3:62:65:1f:4c:d7:3b:74:ee:29:ee:24:ab:3a:bd:
         f2:c1:2c:e3:8c:06:50:9f:8b:c5:66:95:34:95:fa:6e:ef:83:
         cf:f6:77:f3:41:cd:49:32:91:c6:86:c0:50:61:61:d5:35:46:
         ab:8a:6d:de:20:33:d1:05:89:9d:85:e4:48:90:e7:db:c9:48:
         2e:cd:92:56:22:b3:3c:3e:09:08:70:6f:3d:47:d8:f6:b4:84:
         c0:9b:33:6c:91:39:35:5b:01:71:92:41:4c:45:e1:3c:da:76:
         6d:12:31:b6:fa:c9:bb:36:06:b1:c0:0c:7f:09:9c:8b:11:24:
         5d:58:46:d5:62:c8:8a:82:41:02:c7:3d:81:2d:88:27:b2:94:
         b9:c7:60:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohCMZLlb7gukpqGmvBImvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzQ5ZWIwZTdkYjY1MzZjYTc5ODI5NjFmZmFjOWIzMjkx
NjVjNWYwHhcNMjYwMzI2MDUwMDQxWhcNMjYwMzI3MDUwMDQxWjAzMTEwLwYDVQQD
Eyg2M2FhNWE5M2U1OGQ1NDdiMmM3YWZjMTA0MjU1NTg1MmE1OWE3MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkmGl4Jy+P+wJfVVlbqHsNyU2OQv
TYoqQRDob0A29NunVUQ56BVfN+hLUSPYrNRaOpE/lPZ8SlI+sHj7dnaYs46S4NXt
nG8xSBvhdHLMs/eGSTSsJn4WFSBg8+4RJkBtQfaQMS1obUSIngcinq+N0eHg8GFj
BvhkZOOsnVjRvdd8arWK/UKIIbJgh1Geh4sZ5LNWPQsOmUMbYaMwPPe/tkxKBWhE
7mxB1kboZWAEM5nkqvtFtOu68nO9+4oTQ/aTnHxQ40TE7qRnatpN88FXJ6Za3IaW
iJwP9iOjevBe91vf89pcVqiAZTmtEPQ8Wg7dtfrZj9+7nytfuHMZd4BIMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGOqWpPljVR7LHr8EEJVWFKlmnEAMB8GA1UdIwQY
MBaAFLE0nrDn22U2ynmClh/6ybMpFlxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xYjMwYmYtYmNjNy00Nzc3LTkxNDYt
N2EzMGJlNWNlY2MwLzEvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xYjMwYmYtYmNjNy00Nzc3LTkxNDYtN2EzMGJlNWNlY2Mw
LzEvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2yRqYIaD
fuuiGEOKV7YuTie1NGuSztRugnoVTq40X2gsIVyBRSDyD8SCmJ4nrzLLY43OXt9U
BSd18ztImTlXNOnJ3Ae/isY9RIVqwqPLykqa97sqtfYiFDoQMOubJdMOvSAgpIPJ
lYFe7/Rcjxezw2JlH0zXO3TuKe4kqzq98sEs44wGUJ+LxWaVNJX6bu+Dz/Z380HN
STKRxobAUGFh1TVGq4pt3iAz0QWJnYXkSJDn28lILs2SViKzPD4JCHBvPUfY9rSE
wJszbJE5NVsBcZJBTEXhPNp2bRIxtvrJuzYGscAMfwmcixEkXVhG1WLIioJBAsc9
gS2IJ7KUucdgDg==
-----END CERTIFICATE-----